As Internal Threats Rise, Investors Back New Security Tech

0

On February 3, 2011, a little over two years before Edward Snowden would board his plane to Hong Kong and change history, a 37-year-old man named Jason Cornish fired what may have been the first shot in one of the new fronts of the battle for enterprise security.

An information technology employee at Shionogi, the US subsidiary of a Japanese pharmaceutical firm, Cornish woke up that icy February morning, went to his local McDonald’s and deleted 15 virtual hosts on Shionogi’s network, housing the equivalent of 88 different computer servers.

Shionogi lost its email and Blackberry servers, its order tracking system, and its financial management software, according to an FBI report.

Cornish accessed the network via a software program he had secretly installed and used his familiarity with the company’s network to select each of the virtual servers he wanted to delete. The FBI estimated that attack cost the company $300,000.

Amid this steady drumbeat of technology breaches and security snafus, venture capitalists have spent roughly $6.5 billion on new technologies to combat this menace, according to CrunchBase data.

The latest company to benefit from this deluge of dollars, and the one that addresses the issue of bad actors inside corporate networks most directly, is HyTrust, which has just closed on $25 million in new financing. The Series D round was led by new investor Accelerate IT Ventures with additional participation from Vanedge Capital.

“HyTrust definitely benefited from the Snowden effect,” said one investor familiar with the company.

To prevent against future Snowden-like breaches in government or in business, HyTrust allows companies to automate controls around who can access what information and then monitors how different users behave on the network. If a user tries to access files or acts anomalously Hytrust can notify the right security channels and prevent access to unauthorized material.

The movement to “cloud computing” which allows organizations to store and process orders of magnitude more data than every before has exposed that information to more attacks, says Brian Nugent, and investor with AITV who will take a seat on the HyTrust board of directors. “Cloud computing creates a soft underbelly of data security,” he says.

Traditional security depended on the protection of hardware and software and network perimeters. But with data distributed across a network, the notion of a “perimeter” disappears. “System administrators are now some of the most powerful people within an organization,” says Eric Chiu, HyTrust chief executive.

HyTrust and other companies like it allow organizations to create layers of controls to gauge who has access to what information, and integrate with other services to monitor user behavior and look for anomalies. By partnering with networking giants like Cisco, virtualization technology vendors like VMWare, and hardware companies like Intel, HyTrust has a window across all aspects of a company’s network, according to investors.

And securing networks has never been more important. According to a survey by Forrester Research 53% of enterprise workloads were already virtualized in 2013, and that number is expected to rise to 71% by the end of this year.

While HyTrust is attracting dollars and investor interest, other security buckets represent big opportunities for venture investors and young technology companies, according to one venture capitalist familiar with the security market.

“This has the potential to productize a multi-billion dollar consulting market around security penetration,” the investor said. Marquee firms like Benchmark, which backed Hacker1, and Greylock, Kleiner Perkins Caufield & Byers and Google Ventures are behind Synack. Venture capitalists are also taking a closer look at document management, security and tracking, with three stealthy companies backed in the last year.

Finally, new companies are even taking a run at HyTrust’s market of securing against internal threats in a network. Baltimore-based RedOwl Analytics raised $4.6 million in a round of funding to develop its network monitoring and security technology, and Fortscale has raised $12 million from investors including Intel Capital looking at a similar market. “This category builds on top of security compliance, and adds a bunch of data sources to do predictive analytics,” the investor said.

Ultimately, enterprises will turn to all of these technologies, because, frankly, they have little other choice, investors said. “There’s no one technology that’s a silver bullet,” said an investor backing HyTrust. “Companies need everything they can to reduce the cost and complexity of security, and counterintuitively that means buying more technology. The threats keep multiplying.”

0

Crunchbase

BioEdward Snowden is an American computer professional who leaked classified information from the National Security Agency (NSA) to the mainstream media.
He is a former system administrator for the Central Intelligence Agency and a counterintelligence trainer at the Defense Intelligence Agency (DIA). He later worked for Dell assigned as a contractor to U.S. National Security Agency facilities in …

OverviewGranite Ventures has been helping early-stage technology companies build solid foundations for success since 1992. T
Granite has invested over $1 billion in more than 90 private companies. We partner with promising and successful entrepreneurs to create businesses that have a competitive edge and help them achieve category leadership.

OverviewIntel Capital is an investment firm that is focused on mergers, acquisitions, and equity investments related to tech startups. The company invests in a broad range of companies that offers hardware, software, and services targeting the enterprise, mobility, consumer internet, digital media, and semiconductor manufacturing sectors.
The company focuses on helping entrepreneurs scale from startups …

OverviewVMware, Inc. provides virtualization solutions. The company was founded in 1998 and is headquartered in Palo Alto, California.
Its virtualization platform products include _Player_ that enables individuals to run virtual machines on their desktops; _Fusion_, a desktop virtualization product for users of Intel-based Apple Macintosh computers; _Workstation_ for software developers and enterprise IT …

OverviewCognitive Security is a technology company focused on applying artificial intelligence techniques to detect advanced cyber threats. Their solution integrates a range of sophisticated technologies to identify and analyze key threats, both external and internal to a customer through advanced behavioral analysis of real-time data.

OverviewHyTrust offers IT managers and administrators of virtual infrastructure a centralized, single point of control for hypervisor configuration, compliance, and access management. By combining best practices, processes, and controls of physical infrastructure security into a comprehensive solution for virtual infrastructure, HyTrust enables virtual infrastructure to achieve the same level of operational …